The Gromozon Rootkit - Detection and Removal
Published January 25th, 2007 in All Categories, Malware, Security, Spyware Removal
The Gromozon Rootkit is a user-mode rootkit that installs a variant of the LinkOptimizer adware and, occasionally, the rogue antispyware program Brave Sentry, a desktop hijacker. It is named after the site that distributes the threat. This threat pulls out all the tricks, including random file naming, file morphing, file encryption (EFS), hiding in the AppInit_DLLs value of the Windows Registry, using Windows reserved file names, using Alternate Data Streams (ADS) to hide in the system32 folder on NTFS file systems, and disabling rootkit and system analysis tools.
The good news is that Prevx came out with a removal tool for this beast; you can find a link to it after you read the symptoms discussion in the following article.

The Gromozon Rootkit - Detection and Removal - CastleCopsWiki
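As an added example (not from the original post or from Prevx), the following triage script flags three of the hiding places listed above: entries in AppInit_DLLs, named alternate data streams, and reserved device names. It assumes the registry value and a file listing were exported from an offline mount of the disk, since a user-mode rootkit can hide files from tools running on the live system; all sample values and function names are constructed.

```python
import ntpath
import re

# Windows reserved device names (case-insensitive, extension ignored).
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{p}{n}" for p in ("COM", "LPT") for n in range(1, 10)}

def split_appinit(value):
    """AppInit_DLLs is one string of DLL names separated by spaces or commas."""
    return [e for e in re.split(r"[ ,]+", value.strip()) if e]

def classify_path(path):
    """Return the reasons a path from a file listing deserves a closer look."""
    reasons = []
    # Drop the \\?\ prefix and drive letter; any colon left marks a stream.
    rest = ntpath.splitdrive(path.removeprefix("\\\\?\\"))[1]
    host, _, stream = rest.partition(":")
    # "file::$DATA" is the normal unnamed stream; only named streams count.
    if stream.split(":")[0]:
        reasons.append(f"alternate data stream '{stream}' on {host}")
    name = ntpath.basename(host)
    if name.split(".")[0].rstrip(" ").upper() in RESERVED:
        reasons.append(f"reserved device name '{name}'")
    return reasons

def triage(appinit_value, listing):
    """Combine the registry check and the per-path checks into one report."""
    findings = [f"AppInit_DLLs loads '{d}'" for d in split_appinit(appinit_value)]
    for path in listing:
        findings += [f"{path}: {r}" for r in classify_path(path)]
    return findings

# Constructed sample data (not real Gromozon file names).
SAMPLE_APPINIT = r"C:\WINDOWS\system32\xqzkd1.dll"
SAMPLE_LISTING = [
    r"C:\WINDOWS\system32\kernel32.dll",
    r"C:\WINDOWS\system32:fjwqa.exe:$DATA",   # stream attached to the folder
    r"\\?\C:\WINDOWS\system32\com3.kbw",      # reserved name plus extension
    r"C:\WINDOWS\notepad.exe::$DATA",         # default stream, benign
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_APPINIT, SAMPLE_LISTING):
        print(finding)
```

On a clean default installation AppInit_DLLs is empty, so any entry reported here should be accounted for by known installed software before it is dismissed.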








